aboutsummaryrefslogtreecommitdiffstats
path: root/doc/ldap (follow)
Commit message (Collapse)AuthorAgeFilesLines
* dirmngr: Allow the use of an ntds like schema on OpenLDAP et al.Werner Koch3 days1-2/+6
| | | | | | | | | | | | | | | | | | | | | * dirmngr/ks-engine-ldap.c (SERVERINFO_CNFPR): New. Replace all SERVERINFO_NTDS with this one. (interrogate_ldap_dn): Parse "cnfpr" flag and set SERVERINFO_CNFPR. Set this flag also for "ntds". * doc/ldap/gnupg-ldap-init.ldif (pgpVersion): Suggest the use of the "cnfpr" flag. -- Note that SERVERINFO_NTDS is currently not anymore used directly but we keep it in case we need to do other NTDS specific things in the future. The advantage of using a fingerprint for referencing a key is that there won't be any collisions in the keyid. Further this unifies the schema with an LDS (Windows) installation where DNs must anyway be unique. But take care the client needs to support this new flag. GnuPG-bug-id: 7742
* indent: Fix spellingDaniel Kahn Gillmor2024-05-313-8/+8
| | | | | | | | | | | | | -- These are non-substantive corrections for minor spelling mistakes within the GnuPG codebase. With something like this applied to the codebase, and a judiciously tuned spellchecker integrated as part of a standard test suite, it should be possible to keep a uniform orthography within the project. GnuPG-bug-id: 7116
* doc: Minor update of the AD schema.Werner Koch2021-09-093-39/+45
| | | | --
* gpg: Print a note about the obsolete option --secret-keyring.Werner Koch2021-08-281-1/+1
| | | | | | -- GnuPG-bug-id: 2749
* doc: Add notes on how to enable TLS in openldap.Werner Koch2021-05-281-0/+56
| | | | --
* doc: Fix an example in README.ldapWerner Koch2021-04-191-1/+1
| | | | --
* doc: Add instructions on how to setup an Active Directory.Werner Koch2020-12-232-9/+89
| | | | --
* dirmngr: Finalize Active Directory LDAP SchemaWerner Koch2020-12-173-5/+7
| | | | | | | | -- With these modifications it is now possible to store and retrieve keys from an AD without manually tweaking the schema. Permissions need to be set manuallay, though.
* dirmngr: Remove superfluous attribute from the LDAP schema.Werner Koch2020-12-152-27/+10
| | | | | | | | | | | -- I accidently added a gpgSubCertID attribute not realizing that the pgpSubKeyID already carries the long keyid. Remove that. Note that the pgpkeyID has the short keyid and the long keyid has the name pgpCertID. Signed-off-by: Werner Koch <[email protected]>
* dirmngr: Support the new Active Directory schemaWerner Koch2020-12-143-4/+382
| | | | | | | | | | | | | | | | | | | | | | * dirmngr/ks-engine-ldap.c (SERVERINFO_): New constants. (my_ldap_connect): Relace args pgpkeyattrp and real_ldapp by a new serverinfo arg. Set the new info flags. (ks_ldap_get): Adjust for change. (ks_ldap_search): Ditto. (ks_ldap_put): Ditto. Replace xmalloc by xtrymalloc. Change the DN for use with NTDS (aka Active Directory). * doc/ldap/gnupg-ldap-init.ldif (pgpSoftware): Update definition of pgpVersion. * doc/ldap/gnupg-ldap-ad-init.ldif: New. * doc/ldap/gnupg-ldap-ad-schema.ldif: New. -- This is a first take on better Active Directory support. The main change for NTDS in the code is that the an top-RDN of CN is used instead of the old pgpCertID. More changes to come; for example using and storing the fingerprint. Signed-off-by: Werner Koch <[email protected]>
* doc: Add notes on how to setup LDAPWerner Koch2020-10-073-0/+681
--
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-07 23:19:49 +0000